Here you are, adding yet another server to your virtualized environment that went from beta to production in the data center equivalent of zero to 60 in 4.5 seconds. That speed means the security policies and processes you routinely applied to physical servers probably went out the window over the past few years.
In our latest survey on virtualization security, one IT pro told us that, for questions like "Do you harden your hypervisors?" we should provide the option of answering "No, and no future plans, but we know we should have plans."

We've tracked this area for some years in our practice and recently revisited the InformationWeek Analytics Virtualization Security Survey we first deployed in May 2008 to see how attitudes and practices have evolved. One thing we do know: That commenter is dead on. Yes, virtualization saves money and can increase reliability. But complexity is the enemy of security, and today's virtualized infrastructures are anything but simple, between virtual I/O, hardware appliances custom-built for virtual environments, and virtual software being used for what once was done in hardware. And now, storage, desktop, file, and network virtualization are on the table, too.